[Remote] Senior Security Engineer

Remote Full-time
Note: The job is a remote job and is open to candidates in USA. GXA is seeking a highly capable Security Engineer to support the delivery and operation of their gShield security services. This hands-on role focuses on incident response, security tool operations, remediation execution, client security support, and internal security improvement initiatives.ResponsibilitiesServe as a Tier 3 escalation point for active security incidents, including business email compromise (BEC), adversary-in-the-middle (AiTM), ransomware, and account compromiseLead technical analysis during incident response and war room events, including log review, IOC hunting, and lateral movement tracingExecute containment and eradication actions such as endpoint isolation, session revocation, and credential resetsCoordinate with SOC teams and vendor threat intelligence teams during active investigations and containment effortsProduce accurate incident timelines, technical findings, and evidence packages for vCISO review and client-facing follow-upOperate daily within the gShield toolstack, including platforms such as Huntress, Microsoft Defender for Endpoint (MDE), Cyrisma, DNSFilter, SIEM, and related security technologiesPerform alert triage, risk identification, scan issue resolution, and follow-through on issues surfaced by security toolsSupport SIEM operations including query development, alert review, and rule tuningAssist in tuning detection logic, scan settings, and platform effectiveness in coordination with Centralized Services and security leadershipMonitor for security gaps, suspicious activity, and control weaknesses across managed environmentsExecute technical remediation items identified through MRMMs, preventative actions, vulnerability reviews, and security recommendationsSupport gShield deliverables through technical validation, evidence gathering, scan review, and vulnerability analysisAct as a quality assurance resource for client onboarding into the gShield toolstack, while execution remains with onboarding and Centralized Services teamsAssist with client hardening efforts and follow-through on security improvement actions across managed environmentsSupport remediation of internal GXA security backlog items, including POA&M-related workAssist with rollout and support of phishing-resistant MFA, passkeys, and other internal security initiativesContribute to security engineering efforts related to Intune, Defender, ThreatLocker, AppLocker, and RMM scriptingHelp improve internal security controls, tool effectiveness, and technical enforcement mechanismsWrite and maintain security engineering SOPs, runbooks, detection playbooks, and response procedures related to gShield operations and incident responseDocument technical findings, repeatable procedures, and lessons learned from incidents and tool operationsCollaborate with security leadership and technical stakeholders on process improvements, skill development, and automation opportunitiesContribute technical depth to broader security documentation where needed, while recognizing that ownership of policy, standards, and governance documentation remains with security leadership and related functionsSkills5–7+ years of experience in cybersecurity, security operations, security engineering, or incident response rolesStrong hands-on experience with incident response, threat detection, and security operations workflowsExperience working with security platforms such as Microsoft Defender, Huntress, DNSFilter, SIEM solutions, vulnerability management tools, and endpoint security technologiesAbility to investigate security alerts, analyze logs, trace attacker activity, and support containment and remediationFamiliarity with common attack types including phishing, BEC, account compromise, ransomware, and identity-based attacksExperience supporting security controls in Microsoft 365 and endpoint environmentsStrong documentation skills and ability to write clear technical procedures and findingsAbility to work calmly and methodically during active incidents and escalationsStrong collaboration and communication skills with both internal teams and leadership stakeholdersExperience in an MSP, MSSP, or multi-client environmentFamiliarity with Intune, Microsoft Defender, AppLocker, ThreatLocker, and RMM-based scripting or automationUnderstanding of CIS benchmarks, security hardening standards, and configuration drift monitoringExperience supporting vulnerability remediation and technical aspects of vCISO or managed security programsSecurity certifications such as Security+, CySA+, SC-200, SC-300, AZ-500, GCIH, GCIA, or similar are a plusCompany OverviewGXA is a IT consulting company that offers disaster management, backup and data recovery and various such IT related solutions to companies. It was founded in 2008, and is headquartered in Richardson, Texas, USA, with a workforce of 11-50 employees. Its website is https://gxait.com/.

Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Experienced Full Stack Pharmacy Technician – Remote Customer Service and Pharmacy Operations Support for Walgreens

Remote

**Experienced Inbound Customer Service Representative – Deliver Exceptional Member Experiences and Drive Business Growth at arenaflex**

Remote

Senior Software Engineer, Core Experiences - Tokyo, Japan

Remote

Senior Manager, Digital Marketing job at Turn/River in San Francisco, CA

Remote

React Native Mobile Developer (100% Remote - United Kingdom)

Remote

**Experienced Live Chat Support Agent – Remote Part-Time Opportunity at arenaflex**

Remote

Rental Specialist - Hybrid San Antonio Home Office I

Remote

Intake Coordinator- Specialty Pharmacy- Remote

Remote

Quality Informatics Nurse Specialist

Remote

Senior Software Engineer (Data Platform)

Remote
← Back